Don't ditch PowerShell to improve security, say infosec agencies from UK, US, and NZ

Windows PowerShell is enormously useful, extremely prevalent, and often targeted by crooks because it offers an express route into the heart of Windows servers and networks. Some have therefore suggested the tool is a liability that should be disabled in the interest of improved security. But on Wednesday national …

  1. cawfee
    Go

    Good

    PowerShell is my love language.

    1. LDS Silver badge
      Joke

      Re: Good

      You like complicated, difficult, one-sided relationships, it looks...

      1. HildyJ Silver badge
        Angel

        Re: Good

        I'm in IT, all I have are complicated, difficult, one-sided relationships. Just ask my wife.

    2. phuzz Silver badge

      Re: Good

      I feel that

      unzip; touch; grep; mount; fsck; more; yes; fsck; fsck; umount; clean; sleep

      is slightly more poetic than

      Expand-Archive; New-Item; Mount-DiskImage; Select-String; Repair-Volume; Get-Content; -Force; Repair-Volume; Dismount-DiskImage; Clear-Host; Start-Sleep

      but each to their own.

      1. Fozzy Bear

        Re: Good

        Tell me you've never used PowerShell without telling me you've never used PowerShell.

        1. phuzz Silver badge

          Re: Good

          Mate, as it happens I prefer using PowerShell to Bash, but this was clearly just an extended joke.

          (Although I did learn about the *nix command yes, which quite frankly made me like PS more).

          1. Robert Helpmann??
            Childcatcher

            Re: Good

            ...this was clearly just an extended joke.

            So a bit like PowerShell's original codename, Monad? To me, PS is emblematic of so much that is Microsoft: allow customers plenty of time to learn to use a given product and then switch it out for something that does the exact same thing differently while promising improved performance and functionality but in reality just costs a lot of wasted productivity while users have to relearn how to do the exact same things they could do perfectly well before... Which MS product does this sound like? My expectation is that PS is about due for a replacement because it has a large enough user base to make it worth targeting.

  2. veti Silver badge

    I guess now we know what the Five Eyes are using to spy on us.

    1. stiine Silver badge
      Holmes

      See icon...

  3. DCdave

    Powershell 7.2 improves on 5.1?

    Hmm, not so sure about that, really. It's newer, but it has some compromises due to portability. If you're setting up a new environment from scratch, then maybe go for it. If you've got a mature environment with lots of scripts then you're likely going to need and want to keep using 5.1.

    Also, just using 7.2 isn't enough anyway, you do actually need to disable 5.1 in some way, at least for remote access, otherwise all you're doing is stopping using 5.1 and leaving it open for anyone who wants to use it.

    1. EnviableOne Silver badge

      Re: Powershell 7.2 improves on 5.1?

      the big advantage 5.1 has over 7 is ISE.

      Makes getting into PowerShell a lot easier, and means you don't have to have two windows open...

      1. DCdave

        Re: Powershell 7.2 improves on 5.1?

        You know you can use Visual Studio Code for free, right? Personally I do prefer ISE, but you can run your scripts within Code too...although yes, ISE's tabbed approach is better than Code's window per script.

  4. pavel.petrman Silver badge

    Security at the expense of usability comes at the price of security.

    Disabling a most useful tool is like never having a smartphone for fear of being robbed of it.

    It should, of course, be an important part of defence-in-depth, part of active monitoring. "Twenty Powershell windows on a development machine with admin privileges? Probably okay, but one should stonewall the dev network from operations and finance. Single powershell process spawning out of the blue in the middle of accounting, where they only use ERP and Excel? Why? Let's take a look what's going on."

    Funny, as I read an article or three to that effect several years ago. I thought Powershell would have been well understood by now. Why the sudden urge to comment on it, especially by a "random" group of five eyes states?
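
The baselining idea in the comment above, sketched as an added example that is not part of the original thread: learn which groups of hosts normally launch PowerShell, then flag launches in groups where it is rare or unseen. The record fields, host names, group names and paths are constructed assumptions; real input would come from process-creation telemetry such as Windows Security event 4688 or Sysmon event 1.

```python
from collections import defaultdict

POWERSHELL_IMAGES = {"powershell.exe", "pwsh.exe"}
PS51 = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
PS7 = r"C:\Program Files\PowerShell\7\pwsh.exe"
EXCEL = r"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE"

# Constructed sample records, not real telemetry. Field names are assumptions.
BASELINE = [
    {"host": "dev-01", "group": "development", "image": PS51},
    {"host": "dev-02", "group": "development", "image": PS7},
    {"host": "acct-01", "group": "accounting", "image": EXCEL},
    {"host": "acct-02", "group": "accounting", "image": r"C:\ERP\erp.exe"},
]
NEW_EVENTS = [
    {"host": "dev-01", "group": "development", "image": PS51},
    {"host": "acct-02", "group": "accounting", "image": PS51},
    {"host": "acct-01", "group": "accounting", "image": EXCEL},
]


def is_powershell(event):
    """True if the image's file name is a PowerShell host (5.1 or 7)."""
    return event["image"].rsplit("\\", 1)[-1].lower() in POWERSHELL_IMAGES


def build_baseline(events):
    """Per group: share of hosts that launched PowerShell in the baseline window."""
    hosts, ps_hosts = defaultdict(set), defaultdict(set)
    for e in events:
        hosts[e["group"]].add(e["host"])
        if is_powershell(e):
            ps_hosts[e["group"]].add(e["host"])
    return {g: len(ps_hosts[g]) / len(hosts[g]) for g in hosts}


def flag_unusual(events, baseline, max_share=0.1):
    """PowerShell launches in groups where it is rare, or in groups never seen."""
    return [e for e in events
            if is_powershell(e) and baseline.get(e["group"], 0.0) <= max_share]


if __name__ == "__main__":
    for hit in flag_unusual(NEW_EVENTS, build_baseline(BASELINE)):
        print("review:", hit["host"], hit["group"], hit["image"])
```
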

  5. Lis

    If the "Cyber"

    security people say to keep something, I would get rid of it if I could. Trust the spooks? I don't think so.

    Cheers… Ishy

  6. Anonymous Coward

    mmm

    sounds like they are fuckwits

  7. oiseau Silver badge
    Facepalm

    Suggesting time?

    Some have therefore suggested ...

    Hmmm ...

    Not to use MS operating systems?

    Shit, man ...

    It's been suggested for decades.

    But you know, some people never learn.

    O.

  8. Claptrap314 Silver badge
    Facepalm

    I think I see a problem in the premise...

    "secure the Windows operating system"

  9. Anonymous Coward

    Just use Linux

    1. BPontius

      Just trade one set of problems for another. No thanks!! Linux is its own bundle of problems and is fast becoming a target of hackers just like Windows.

      Prediction, you will counter with the argument that Linux is more secure. Why has there been a triple digit increase in infections and attacks on Linux over the past two years if it is so much more secure?

  10. BPontius

    PowerShell is a two car garage size back door allowing hackers access and control of your system/network! I have failed to find security measures sufficient to keep it running on my system, it is blocked even for admins. PowerShell is a mess of overly complex commands and syntax structures that I find difficult to learn let alone use.

    I see very little in PowerShell that enhances security and an abundance of drawbacks.


Biting the hand that feeds IT © 1998–2022